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REMARKS 

This response is intended as a full and complete response to the non-final 
Office Action mailed January 30, 2006. In the Office Action, the Examiner notes 
that claims 1-9 are pending and rejected. By this response, the claims continue 
unamended. 

In view of the following discussion, Applicant submits that none of the 
claims now pending in the application are obvious under the provisions of 35 
U.S.C. §103. Further, Applicant submits that none of the claims are directed to 
non-statutory subject matter under the provisions of 35 U.S.C. §101 . Thus, 
Applicant believes that all of these claims are now in allowable form. 

It is to be understood that Applicant does not acquiesce to the Examinees 
characterizations of the art of record or to Applicant's subject matter recited in the 
pending claims. Further, Applicant is not acquiescing to the Examiner's 
statements as to the applicability of the art of record to the pending claims by 
filing the instant response. 

35 U.S.C. §101 Rejection of 1-9 

The Examiner has rejected claims 1-9 under 35 U.S.C. §101 "because the 
claimed invention is directed to non-statutory subject matter." The Applicants 
respectfully traverse the rejection. 

In particular, the Examiner alleges "[T]he method steps of claims 1-9 are 
not limited to tangible embodiments, therefore non-statutory." However, the 
Applicants respectfully disagree. MPEP 2106JV.B,2(b)(ii) recites (emphasis 
added below): 

" For such subject matter to be statutory, the claimed process 
must be limited to a practical application of the abstract idea or 
mathematical algorithm in the technological arts . See Alappat, 33 
F.3d at 1543, 31 USPQ2d at 1556-57 (quoting Diamond v. Diehr, 
450 U.S. at 192, 209 USPQ at 10). See also Alappat 33 F.3d at 
1569, 31 USPQ2d at 1578-79 (Newman, J., concurring) 
("unpatentability of the principle does not defeat patentability of its 
practical applications") (citing O'Reilly v. Morse, 56 U.S. (15 How.) 
at 114-19). A claim is limited to a practical application when the 
method, as claimed, produces a concrete, tangible and useful 
result: i.e.. the method recites a step or act of producing something 
that is concrete, tangible and useful . See AT&T, 172 F.3d at 1358, 
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50 USPQ2d at 1452. Likewise, a machine claim is statutory when 
the machine, as claimed, produces a concrete, tangible and useful 
result (as in State Street, 149 F.3d at 1373, 47 USPQ2d at 1601) 
and/or when a specific machine is being claimed (as in Alappat, 33 
F.3d at 1544, 31 USPQ2d at 1557 (*>en< banc). For example, a 
computer process that simply calculates a mathematical algorithm 
that models noise is nonstatutory. However, a claimed process for 
digitally filtering noise employing the mathematical algorithm is 
statutory." 

Thus, for subject matter to be statutory, the process must be limited to a practical 

application in the technological arts . Furthermore, a claim is limited to a practical 

application when the method produces a concrete, tangible and useful result . 

The Applicants* claim 1 recites (emphasis added below): 

"1. A method for thwarting coordinated SYN denial of service 
(CSDoS) attacks against a server S disposed in a network of 
interconnected elements communicating using the TCP protocol , 
comprising the steps of 

controlling a network switch to divert a predetermined 
fraction of SYN packets destined for said server, to a web guard 
processor, 

establishing a first TCP connection between one or more 
clients originating said packets and said web guard processor, and 
a second TCP connection between said web guard processor and 
said server, so that packets can be transmitted between said one or 
more clients and said server, 

monitoring the number of timed-out connections between 
said web guard processor and said one or more clients, 

if the number of timed-out connections between said web 
guard processor and said one or more clients exceeds a first 
predetermined threshold, controlling said switch to divert all SYN 
packets destined to said server to said web guard processor ." 

Thus, the Applicants' claim 1 recites, inter alia, a method for thwarting 
coordinated SYN denial of service (CSDoS) attacks. To thwart a CSDoS attack 
is a practical application , as both this type of attack and the benefits for thwarting 
it would be well known to one of ordinary skill in the art. Furthermore, the result 
of the claim is concrete and tangible because the claim recites M if the number of 
timed-out connections between said web guard processor and said one or more 
clients exceeds a first predetermined threshold, controlling said switch to divert 
all SYN packets destined to said server to said web guard processor ." Diverting 
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all the SYN packets to the web guard processor instead of the server is concrete 
and tangible because the packets will physically arrive at a different computing 
element (i.e. the web guard processor instead of the server) as a result of the 
method. The result is useful because the server is spared the negative effects of 
receiving the malicious packets. One of ordinary skill in the art would understand 
this to be useful. 

The Applicants independent claim 7 recites (emphasis added below): 

*7 \ A method for thwarting coordinated SYN denial of service 
(CSDoS) attacks against a server disposed in a network of 
interconnected elements communicating using the TCP protocol , 
the attack originating from a host generating SYN packets destined 
for the server, said method comprising: 

arranging a switch receiving the SYN packets destined to the 
server to forward the SYN packets to a TCP proxy arranged to 
operate without an associated cache . 

for each SYN packet, sending a SYN/ACK packet from the 
TCP proxy to a sender address included in the SYN packet by the 
host; 

establishing a TCP connection, corresponding to a particular 
SYN packet of the SYN packets, between the TCP proxy and the 
server only if the TCP proxy receives a response from the host to 
the SYN/ACK packet corresponding to the particular SYN packet ." 

Thus, the Applicants' claim 7 recites, inter alia, a method for thwarting 
coordinated SYN denial of service (CSDoS) attacks. To thwart a CSDoS attack 
is a practical application, as both this type of attack and the benefits for thwarting 
it would be well known to one of ordinary skill in the art. Furthermore, the result 
of the claim is concrete and tangible because the claim recites, inter alia, 
" arranging a switch receiving the SYN packets destined to the server to forward 
the SYN packets to a TCP proxy arranged to operate without an associated 
cache" and "establishing a TCP connection, corresponding to a particular SYN 
packet of the SYN packets, between the TCP proxy and the server only if the 
TCP proxy receives a response from the host to the SYN/ACK packet 
corresponding to the particular SYN packet." Forwarding SYN packets to the 
TCP proxy instead of the server is concrete and tangible because the packets 
will physically arrive at a different computing element (i.e. the TCP proxy instead 
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of the server) as a result of the method. The result is useful because the server 

is spared the negative effects of receiving malicious packets. One of ordinary 

skill in the art would understand this to be useful. 

The Applicants independent claim 8 recites (emphasis added below): 

M 8. A method for thwarting coordinated SYN denial of service 
(CSDOS) attacks against a server disposed in a network of 
interconnected elements communicating using the TCP protocol , 
comprising: 

forwarding a statistical sampling of packets from a switch in 
the network to a processor 

if packets in the sampling indicate an attack against the 
server, altering the operation of the switch to forward all packets 
destined for the server to the processor ." 

Thus, the Applicants' claim 8 recites, inter alia, a method for thwarting 
coordinated SYN denial of service (CSDoS) attacks. To thwart a CSDoS attack 
is a practical application , as both this type of attack and the benefits for thwarting 
it would be well known to one of ordinary skill in the art. Furthermore, the result 
of the claim is concrete and tangible because the claim recites, inter alia, 
" forwarding a statistical sampling of packets from a switch in the network to a 
processor" and " if packets in the sampling indicate an attack against the server, 
altering the operation of the switch to forward all packets destined for the server 
to the processor. " Forwarding packets to the processor instead of the server is 
concrete and tangible because the packets will physically arrive at a different 
computing element (i.e. the processor instead of the server) as a result of the 
method. The result is useful because the server is spared the negative effects of 
receiving malicious packets. One of ordinary skill in the art would understand 
this to be useful. 

Thus, because claims 1,7 and 8 are limited to a practical application in 
the technological arts, and because these claims produce a concrete tangible 
and useful result, claims 1, 7 and 8 are directed to statutory subject matter. 
Moreover, claims 2-6 and 9 depend from claims 1 and 8, and recite additional 
features thereof, and as such are therefore also directed to statutory subject 
matter. 
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Therefore, the Examiner is respectfully requested to withdraw the 
rejection. 

35 LLS.C. 5103 Rejection of Claims 1-9 

Claims 1-9 are rejected under 35 U.S. C. §103(a) as being unpatentable 
over U.S. Patent Application Publication Number 2002/0031 134 to Poletto et al. 
(hereinafter Poletto) in view of U.S. Patent Application Publication No. 
2002/0035698 to Malan et al. (hereinafter Malan). The Applicants respectfully 
traverse the rejection. 

The Poletto and Malan references are not proper prior art against the 
Applicant's application. Specifically, the Applicant's application has a filing date 
of September 28, 2000. This filing date is before the filing date of both the 
Poletto (August 16, 2001) and Malan (May 15, 2001) references. Thus both the 
Poletto and Malan references are not prior art relative to the Applicants' 
Application. 

It is also hereby noted that if the Examiner attempts to use the provisional 
application date of either the Poletto reference (September 7, 2000) or the Malan 
reference (September 8, 2000), then the Examiner is technically applying 
different references against the present application. In that case, the Examiner 
must provide and cite the Poletto and Malan provisional applications against the 
present application . 

In addition to the Poletto and Malan references not being proper prior art 
against the Applicant's application, the Examiner has also failed to establish a 
prima facie case of obviousness because the Examiner has failed to provide any 
motivation to combine the references used in the rejection . 

As such, Applicant submits that independent claims 1-9 are not obvious 
and fully satisfy the requirements of 35 U.S.C. §103 and are patentable 
thereunder. Therefore, Applicant respectfully requests that the rejection against 
the claims be withdrawn. 
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CONCLUSION 



Thus, Applicant submits that claims 1-9 are in condition for allowance. 
Accordingly, both reconsideration of this application and its swift passage to 
issue are earnestly solicited. 

If, however, the Examiner believes that there are any unresolved issues 
requiring adverse final action in any of the claims now pending in the application, 
it is requested that the Examiner telephone Eamon J. Wall at (732) 530-9404 so 
that appropriate arrangements can be made for resolving such issues as 
expeditiously as possible. 



Patterson & Sheridan, LLP 
595 Shrewsbury Avenue 
Suite 100 

Shrewsbury, New Jersey 07702 
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